METHOD, SYSTEM, AND APPARATUS FOR PROVIDING READ-ONLY ACCESS TO NETWORK ELEMENT CONFIGURATION DATA



Technical Field 

The present invention generally relates to the field of network data 
communications. More specifically, the present invention relates to a method, system, 
and apparatus for providing access to configuration data for network elements. 

Background of the Invention 

Recent advances and improvements in communications technology provide the 
communications industry with an enormous number of opportunities to improve 
existing services and to branch into new service areas. For instance, thousands of miles 
of fiber optic cable have been deployed in optical networks. These optical networks 
make possible the transmission of large amounts of information at great speeds and are 
used to carry voice signals, data, and video. 

The management and monitoring of a large optical network, or other types of 
large networks, can be difficult and expensive. One factor contributing to the cost of 
maintaining and operating large optical networks is the lack of reliable data regarding 
installed network equipment. In many networks, databases storing information 
regarding the type of installed equipment and the configuration of the devices are 
maintained manually. In many cases, manually maintaining this type of data causes it 
to be unreliable. Therefore, in many situations, a service technician must be dispatched 
to the physical location of a network device to verify the existence of the device and its 
configuration before any changes may be made to the network. Sending a technician to 
the physical location of the equipment in this manner is time consuming and expensive. 

While methods and systems do exist that allow technicians to remotely
determine the existence and configuration of a network device, these systems also allow
a user to make changes to the configuration of the network device. For instance, the
transaction language one ("TL1") protocol allows users to remotely gain access to network
elements and to execute commands on the network elements. Through the use of TL1,
the existence and configuration of devices on an optical network may be determined.
However, providing access to network elements to a user through the use of the TL1
language provides the user with the ability to make changes to the configuration of the
network elements. Allowing a user to make changes to the network equipment in this
manner opens a network up to the possibility of inadvertent or malicious modification
of the configuration of network elements. In many situations, a malicious user with
access to the configuration of network elements through the TL1 protocol could render
an entire network useless by issuing only a few commands.
Therefore, in light of the above, there is a need for a method and system for
providing access to network element configuration data that will provide easy access to
accurate information regarding the installation and configuration of network data
equipment without requiring a technician to physically visit the location of the
equipment. Moreover, there is a need for a method and system for providing access to
network element configuration data that can provide data regarding the existence and
configuration of network elements without also allowing users to execute commands or
modify the configuration of the equipment.

Summary of the Invention

The present invention meets the above-described needs by providing a method,
system, and apparatus for providing read-only access to network element configuration
data. According to one actual embodiment of the present invention, an Intranet World
Wide Web ("WWW" or "Web") site is provided through which technicians or other
users may retrieve read-only information regarding the existence or configuration of
elements on an optical or other type of network.

According to another actual embodiment of the invention, a method for
providing read-only access to network element configuration data is provided.
According to this method, a request is received to access the configuration data for a
network element. In response to the request, a communications session is initiated with
the identified network element. The requested configuration data is then received from
the network element and transmitted in response to the request in a read-only format. A
target identification code ("TID") may be utilized to identify the network element for
which the configuration data should be received.
According to another actual embodiment of the present invention, configuration
data regarding the network element is stored in a database. When a request is received
to access the configuration data for the network element, the previously-stored
configuration data is retrieved. The previously-stored configuration data is compared to
the configuration data received from the network element. A determination is made as
to whether the previously-stored configuration data and the configuration data received
from the network element itself are identical. If the previously-stored configuration
data and the configuration data received from the network element are not identical, the
configuration data received from the network element is stored in the network database.
In this manner, a database containing valid configuration data for each network element
on a network may be created and maintained.

According to yet another embodiment of the present invention, a system is
provided for providing read-only access to network element configuration data.
According to this embodiment of the invention, the system comprises a network
element located on an optical network. The network element is operative to store
configuration data describing the current configuration state of the network element.
The network element is also operative to provide the configuration data in response to
requests for the data.

The system provided herein also includes a server computer communicatively
coupled to the network element. The server computer is operative to provide a Web site
at which a request may be received to review the configuration data from the network
element. The server computer is also operative to retrieve the configuration data
associated with the network element in response to a request for such data and to
provide that data in a read-only format.

The server computer may also be operative to store a database containing
previously-stored configuration data for the network element. When a request is
received at the server computer for configuration data for the network element, the
server computer retrieves the configuration data from the network element. The server
computer also compares the previously-stored configuration data from the database to
the configuration data received from the network element. The server computer
determines whether the previously-stored configuration data and the configuration data
received from the network element are identical. If the configuration data retrieved
from the network element and the previously-stored configuration data are not identical,
the server computer is operative to store the configuration data received from the
network element in the database.

The present invention also provides a computer-controlled apparatus and a 
computer-readable medium for providing read-only access to network element 
configuration data. Additional aspects of the present invention will be apparent from 
the detailed description that follows. 

Brief Description of the Drawings 

FIGURE 1 is a block diagram showing a network that is an illustrative operating 
environment for aspects of the present invention; 

FIGURE 2 is a block diagram illustrating a computer architecture for a Web 
server computer utilized at a SONET transport center for providing read-only access to 
configuration data for network equipment in an illustrative embodiment of the present 
invention; 

FIGURE 3 is a screen diagram showing a portion of an illustrative Web site 
provided according to one aspect of the present invention; and 

FIGURES 4-6 are flow diagrams illustrating an exemplary routine for providing 
read-only access to configuration data according to one actual embodiment of the 
present invention. 



Detailed Description of an Illustrative Embodiment 

As described briefly above, the present invention provides a method, system,
apparatus, and computer-readable medium for providing read-only access to
configuration data for network elements. One embodiment of the present invention
operates to provide configuration data for network elements operating within a
synchronous optical network ("SONET"). As known to those skilled in the art,
SONET is a standardized method for signal conversion between electrical and optical
systems. SONET handles a wide range of communications speeds and may be either
switched or non-switched.
Turning now to FIGURE 1, an illustrative operating environment for the present
invention will be described. The operating environment shown in FIGURE 1 includes
an optical network 12 having one or more SONET rings 8A-8C. An optical network is
broadly defined as an information transport facility with fiber optic cables ("optical
fibers" or "fibers") serving as the physical link or medium for information transport.
Generally, an optical network is a synchronous digital network that conforms to certain
standards that define a set of optical interfaces (STS-Nc signals) for network transport.
SONET defines standard optical signals (STS-Nc signals), a synchronous frame
structure for multiplexed digital information traffic, and operation procedures so that
optical networks from different manufacturers/carriers may be interconnected.

As shown in FIGURE 1, each SONET ring includes network elements 10A-10L
(also called SONET hubs or nodes) that are linked by fiber optic connections to form a
closed loop or a ring. For instance, the SONET ring 8A includes linked network
elements 10I, 10J, 10K, and 10L. The network elements 10A-10L may also be used to
couple SONET rings to one another. For instance, network element 10I and network
element 10H are utilized to couple SONET ring 8A to SONET ring 8B. It should be
appreciated by those skilled in the art that SONET networks may also be built in a
linear fashion or using a combination ring-linear architecture. It should also be
appreciated that while the present invention operates to provide access to configuration
data for network elements within a SONET network, data may be similarly provided for
other types of networks.



The network elements comprise network equipment necessary to the operation
of the network, such as an add/drop multiplexor or a digital cross-connect system. Each
of the network elements 10A-10L in the optical network 12 is communicatively coupled
to a SONET transport center 2 and an NRC 4. The NRC 4 provides a single point of
contact and accountability for control and analysis of network element alarms or trouble
indicators within the optical network 12. The NRC 4 proactively monitors and responds
to trouble conditions anywhere in the optical network 12, including all switches and
facilities.

The SONET transport center 2 is a computing facility that is coupled to each of
the network elements 10A-10L in the optical network 12. The SONET transport center
2 provides a Web site at which read-only access may be had via the Intranet 3 to
configuration data of the network elements 10A-10L. Note that this functionality may
also be provided at the NRC 4 or other network location. In order to provide such
functionality, computer systems are provided at the SONET transport center 2 for
providing a Web site or other type of visual interface to configuration data. A computer
for providing such a Web site will be described below with respect to FIGURE 2.

Computer systems utilized at the SONET transport center 2 also utilize a
communications protocol to communicate with the network elements 10A-10L. The
communications protocol is utilized to request configuration data from the network
elements 10A-10L.

In the actual embodiment of the present invention described herein, the protocol
utilized for communication between the SONET transport center 2 and the network
elements 10A-10L is transaction language one ("TL1"). As known to those skilled in
the art, TL1 is a network element management language defined by Telcordia (formerly
Bellcore) that is used in telecommunications equipment. TL1 is a cross-vendor,
cross-technology machine-machine language and is the primary protocol used in managing
SONET networks. TL1 includes standard messages for fault, configuration,
performance, security, and testing. While TL1 is utilized to provide a management
interface between the SONET transport center 2 and the network elements 10A-10L in
the actual embodiment described herein, other types of management protocols may also
be utilized.

Turning now to FIGURE 2, an illustrative computer architecture for a Web
server computer system 14 will be described. The Web server computer 14 is located at
the SONET transport center 2 and is utilized primarily to provide an Intranet 3 Web site
at which configuration data may be retrieved in a read-only format for the network
elements 10A-10L. The computer architecture shown in FIGURE 3 illustrates a
conventional network-capable Web server computer system, including a central
processing unit 16 ("CPU"), a system memory 20, including a random access
memory 24 ("RAM") and a read-only memory ("ROM") 26, and a system bus 18 that
couples the memory to the CPU 16. A basic input/output system ("BIOS") containing
the basic routines that help to transfer information between elements within the
computer, such as during startup, is stored in the ROM 26. The Web server computer
system 14 further includes a mass storage device 30 for storing an operating system 28
and application programs 34.

The mass storage device 30 is connected to the CPU 16 through a mass storage
controller (not shown) connected to the bus 18. The mass storage device 30 and its
associated computer-readable media provide non-volatile storage for the Web server
computer system 14. Although the description of computer-readable media contained
herein refers to a mass storage device, such as a hard disk or CD-ROM drive, it should
be appreciated by those skilled in the art that computer-readable media can be any
available media that can be accessed by the Web server computer system 14.

By way of example, and not limitation, computer-readable media may comprise
computer storage media and communication media. Computer storage media includes
volatile and non-volatile, removable and non-removable media implemented in any
method or technology for storage of information such as computer-readable
instructions, data structures, program modules or other data. Computer storage media
includes, but is not limited to, RAM, ROM, EPROM, EEPROM, flash memory or other
solid state memory technology, CD-ROM, DVD, or other optical storage, magnetic
cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or
any other medium which can be used to store the desired information and which can be
accessed by the computer.

As described briefly above, the Web server computer system 14 is capable of
communicating with the network elements 10A-10L to receive configuration data. The
Web server computer system 10 connects to the network elements 10A-10L or other
devices on the optical network 12 through a network interface unit 22 connected to the
bus 18. The Web server computer system 14 may also include an input/output
controller 32 for receiving and processing input from a number of devices, including a
keyboard or mouse. Similarly, the input/output controller 32 may provide output to a
display screen, a printer, or other type of output device.

A number of program modules may be stored in the mass storage device 30 and
RAM 24 of the Web server computer system 14, including an operating system 28
suitable for controlling the operation of a networked Web server computer system, such
as the UNIX operating system, the SOLARIS operating system from SUN
MICROSYSTEMS, or the WINDOWS 2000 operating system from MICROSOFT
CORPORATION of Redmond, Washington. The mass storage device 30 and RAM 24
may also store one or more application programs 34. In particular, the mass storage
device 30 and RAM 24 may store a SONETCAP application 41, a TL1 script database
38, a telemetry assignment system ("TAS") database 36, a Web server application
program 40, Hyper-text markup language ("HTML") pages 39 and common gateway
interface scripts 43. The SONETCAP application program 36 contains the actual code
for communicating with the network elements 10A-10L for retrieving configuration
data from the network elements 10A-10L. The TL1 script database 38 contains
customized TL1 scripts corresponding to each type of network element on the optical
network 12. Custom scripts are utilized for each type of network element to account for
peculiarities in implementations of the TL1 protocol.

The Web server application program 40 comprises a standard server application
for receiving and responding to requests for HTML pages and other documents. The
Internet Information Server from the MICROSOFT CORPORATION of Redmond,
Washington, may be utilized as the Web server application 40. Other types of Web
server application programs 40 as known to those skilled in the art may be utilized. The
Web server application 40 receives requests for HTML pages 39 and returns the pages
in response to these requests. Common Gateway Interface ("CGI") scripts 43 may be
utilized to communicate with the SONETCAP application 41 and to generate pages
containing configuration data. These Web pages may then be returned to the requesting
computer over the Intranet 3.

The TAS database 36 is utilized to store configuration information for network
elements. As will be described below, the TAS database 36 is updated each time a
request is received for configuration data for a network element. Additional details
regarding the operation of the Web server application program 40, the SONETCAP
application 41, and the CGI scripts 43 will be described below with reference to
FIGURES 3A-6.

Referring now to FIGURE 3, a screen diagram showing a portion of an
illustrative Web site provided according to an aspect of the present invention will be
described. As shown in FIGURE 3, a user may browse the Web site provided by the
present invention using a standard Web browser application program 53. When a user
browses to the Web site provided by the present invention, the user is first requested to
provide a valid login and password. If the user provides a login and password that are
authorized to access the Web site, the screen display shown in FIGURE 3 is provided.

As shown in FIGURE 3, a text entry dialog box 58 is provided in which a user
may enter a TID for a network element. As known to those skilled in the art, the TID is
used to identify the target network element for a TL1 command. Once the user has
provided the TID 57, the user may press the clear button 55 to clear the current entry.
The user may also select the submit request button 56 to submit the identified TID 57 to
the Web server computer 14. In response to the selection of the submit request button
56, the Web server computer 14 queries the network element identified by the TID 57
for its configuration data. When the configuration data has been received, it is
displayed to the user on another Web page. The Web page only provides read-only
access to the configuration data and provides no functionality for modifying the
configuration of the specified network element.




Referring now to FIGURE 4, an illustrative routine 400 will be described for
providing read-only access to configuration data for a network element. The routine
400 begins at block 402, where a request to view network element configuration data is
received. The routine 400 then continues to block 404 where a login and password are
also received. The routine 400 continues to block 406 where a determination is made as
to whether the received login and password are valid. If the received login and
password are not valid, the routine 400 branches to block 408, where an error message
is generated. From block 408, the routine 400 branches to block 428, where it ends.

If, at block 406, it is determined that a valid login and password have been
received, the routine 400 continues to block 410 where a Web page is provided
prompting a user for the TID of a network element for which configuration data should
be received. From block 410, the routine 400 continues to block 412, where a TID is
received from the user.

From block 412, the routine 400 continues to block 414, where a record is
retrieved from the TAS database 36 corresponding to the TID provided by the user. As
described above, information is stored in the TAS database 36 corresponding to the
identified network element each time an access request is made for the configuration
data corresponding to the network element. By checking the contents of the TAS
database 36 each time a request for configuration data is received, previously-stored
configuration data can be updated with the current configuration data for the network
element.

From block 414, the routine 400 continues to block 416 where a
communications connection is opened with the network element identified by the TID.
At block 418, TL1 commands are issued to the network element requesting the
configuration data for the network element. In response to these commands, the
network element returns the requested configuration data. The routine 400 then
continues to block 420, where a comparison is made between the configuration data
previously stored in the TAS database 36 and the configuration data received from the
network element.

At block 422, a determination is made as to whether the configuration data
stored previously in the TAS database 36 is identical to the configuration data received
from the network element. If, at block 422, it is determined that the configuration data
stored previously in the TAS database 36 is not identical to the configuration data
received from the network element, the routine 400 branches to block 424. At block
424, the database record stored in the TAS database 36 corresponding to the network
element identified by the TID is updated with the configuration data received from the
network element. The routine 400 then continues from block 424 to block 426.

If, at block 422, it is determined that the configuration data previously stored in
the TAS database 36 is identical to the configuration data received from the network
element, the routine 400 continues to block 426. At block 426, a Web page is generated
showing configuration data for the network element. The routine 400 continues from
block 426 to block 428, where it ends.
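
Blocks 412 to 426 of routine 400, as an added Python example that is not code from the patent or from the SONETCAP application. Assumptions: the TID pattern, the rule that the gateway sends only TL1 retrieve ("RTRV-") verbs, the two sample verbs, the dictionary standing in for the TAS database 36, and the hypothetical names build_command, FakeElement and view_config.

```python
import html
import re

# Assumption: a TID is 1-20 letters, digits or hyphens. Rejecting ':' and ';'
# keeps a user-supplied TID from altering the TL1 message it is placed in.
TID_RE = re.compile(r"[A-Za-z0-9-]{1,20}")
# Assumption: the script for this element type holds only retrieve verbs.
READ_ONLY_SCRIPT = ("RTRV-EQPT", "RTRV-ALM-ALL")


def build_command(verb, tid, ctag):
    """Build one TL1 input message; refuse anything that is not a retrieval."""
    if not verb.startswith("RTRV-"):
        raise ValueError("non-retrieval TL1 verb refused: " + verb)
    if not TID_RE.fullmatch(tid):
        raise ValueError("malformed TID")
    return "{}:{}:ALL:{};".format(verb, tid, ctag)


class FakeElement:
    """Constructed stand-in for a network element answering TL1 requests."""

    def __init__(self, responses):
        self.responses = responses  # verb -> constructed response text
        self.seen = []              # every command the gateway sent

    def send(self, command):
        self.seen.append(command)
        return self.responses.get(command.split(":", 1)[0], "")


def view_config(tid, element, tas_db):
    """Blocks 412-426: query the element, refresh the stored record, render."""
    stored = tas_db.get(tid)                                   # block 414
    current = {}
    for ctag, verb in enumerate(READ_ONLY_SCRIPT, start=1):    # blocks 416-418
        current[verb] = element.send(build_command(verb, tid, ctag))
    updated = stored != current                                # blocks 420-422
    if updated:
        tas_db[tid] = current                                  # block 424
    rows = "".join(
        "<tr><th>{}</th><td><pre>{}</pre></td></tr>".format(
            html.escape(verb), html.escape(text))
        for verb, text in current.items())
    # Block 426: the page carries escaped text only, no form or input element.
    return "<table>{}</table>".format(rows), updated


if __name__ == "__main__":
    element = FakeElement({"RTRV-EQPT": "SLOT-1:OC48,<IS>", "RTRV-ALM-ALL": ""})
    tas = {}
    print(view_config("NODE-01", element, tas))   # first view stores the record
    print(view_config("NODE-01", element, tas))   # second view finds it current
```

The read-only property here rests on the server side: the browser never supplies a TL1 verb, only a TID, and that TID is validated before it is placed in a message.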

Based on the foregoing, it should be appreciated that the present invention
provides a method, system, apparatus, and computer-readable medium for providing
read-only access to network element configuration data. The above specification,
examples and data provide a complete description of the manufacture and use of the
composition of the invention. Since many embodiments of the invention can be made
without departing from the spirit and scope of the invention, the invention resides in the
claims hereinafter appended.